package com.wsoft.config;

import com.wsoft.core.security.SecurityConfig;
import com.wsoft.core.service.DynamicSecurityService;
import com.wsoft.service.IMemberCommonService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.firewall.HttpFirewall;
import org.springframework.security.web.firewall.StrictHttpFirewall;

import javax.annotation.Resource;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/**
 * 管理员权限控制
 *
 * @author: juiet
 * @date: 2022年06月20日 17:12
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class AdminSecurityConfig extends SecurityConfig {
    @Resource
    @Lazy
    private IMemberCommonService memberCommonService;

    @Bean
    public UserDetailsService adminDetailsService() {
        //获取登录用户信息
        return username -> memberCommonService.loadUserByUsername(username);
    }

    @Bean
    public DynamicSecurityService dynamicSecurityService() {
        return () -> {
            Map<String, ConfigAttribute> map = new ConcurrentHashMap<>(16);

            return map;
        };
    }

    @Bean
    public HttpFirewall defaultHttpFirewall() {
        // 解决双斜杠报错
        StrictHttpFirewall firewall = new StrictHttpFirewall();
        firewall.setAllowUrlEncodedDoubleSlash(true);
        return firewall;
    }

}
